An ontology-based network intrusion detection system: A user-oriented approach

In this paper, a new approach is suggested for designing and developing an intrusion detection application where the domain expertise is used for generating it more easily. This approach uses ontologies as a way of grasping the knowledge of a domain, expressing the intrusion detection system much more in terms of the end users domain, generating the intrusion detection more easily and performing intelligent reasoning. Experimental results show that our anomaly detection techniques are very promising and are successful in automatically detecting intrusions at very low false alarm rate compared with several important traditional classification techniques.